Create Database Links to an Oracle Database that is not an Autonomous Database
You can create database links from an Autonomous Database to an Oracle database that is on a private endpoint or on a public endpoint (publicly accessible).
See Create Database Links from Autonomous Database to Another Autonomous Database if the target for your database link is another Autonomous Database.
- Create Database Links from Autonomous Database to a Publicly Accessible Oracle Database with a Wallet (mTLS)
You can create database links from an Autonomous Database to a target Oracle database that is on a public endpoint. - Create Database Links from Autonomous Database to an Oracle Database on a Private Endpoint
You can create database links from an Autonomous Database to a target Oracle Database that is on a private endpoint. - Database Link Notes with a Target Oracle Database
Provides notes for creating database links to a target Oracle database (when the target is not an Autonomous Database)
Parent topic: Use Database Links with Autonomous Database
Create Database Links from Autonomous Database to a Publicly Accessible Oracle Database with a Wallet (mTLS)
You can create database links from an Autonomous Database to a target Oracle database that is on a public endpoint.
To use database links with Autonomous Database the target database must be configured to use TCP/IP with SSL (TCPS) authentication. Autonomous Databases use TCP/IP with SSL (TCPS) authentication by default, so you do not need to do any additional configuration in your target database to link to another Autonomous Database. Other Oracle databases must be configured to use TCP/IP with SSL (TCPS) authentication. See Configuring Secure Sockets Layer Authentication for more information.
To create database links to a public target, the target Oracle Database must be accessible. Some databases may limit access (for example, using Access Control Lists). Make sure you enable your target database to allow access from your source database for the database link to work. If you limit access with Access Control Lists (ACLs), you can find the outbound IP address of your source Autonomous Database and allow that IP address to connect to your target database.
See How to Create a Database Link from Your Autonomous Database to a Database Cloud Service Instance for more information.
To create database links to a target Oracle database with a wallet (mTLS):
For the credentials you create in Step 5, the target database credentials, if the password of the target user changes you can update the credential that contains the target user's credentials as follows:
BEGIN
DBMS_CLOUD.UPDATE_CREDENTIAL
(
credential_name => 'DB_LINK_CRED',
attribute => 'PASSWORD',
value => 'password' );
END;
/
Where password is the new password.
After this operation, the existing database links that use this credential continue to work without having to drop and recreate the database links.
You can create links to Big Data Service using
DBMS_CLOUD_ADMIN.CREATE_DATABASE_LINK
. See Query Big Data Service Hadoop (HDFS) Data from Autonomous Database for more information.
For additional information, see:
Create Database Links from Autonomous Database to an Oracle Database on a Private Endpoint
You can create database links from an Autonomous Database to a target Oracle Database that is on a private endpoint.
Depending on the type and the configuration of the target Oracle database:
-
Another Oracle Database, such as on-premises or a Database Cloud Service database, on a private endpoint that is configured for SSL (TCPS): In this case you can create the database link with a wallet, and the database link communicates with TCPS. See Create Database Links from Autonomous Database to Oracle Databases on a Private Endpoint with a Wallet (mTLS) for details:
-
Oracle Database, such as on-premises or a Database Cloud Service database, on a private endpoint that is configured for TCP: In this case you create the database link without a wallet and the database link communicates with TCP. See Create Database Links to Oracle Databases on a Private Endpoint without a Wallet for details
See How to Create a Database Link from Your Autonomous Database to a Database Cloud Service Instance for more information.
Topics
- Prerequisites for Database Links from Autonomous Database to Oracle Databases on a Private Endpoint
Lists the prerequisites to create database links from an Autonomous Database to a target Oracle database that is on a private endpoint. - Create Database Links to Oracle Databases on a Private Endpoint without a Wallet
UseDBMS_CLOUD_ADMIN.CREATE_DATABASE_LINK
to create database links from an Autonomous Database to a target Oracle database that is on a private endpoint and connect without a wallet (TCP). - Create Database Links from Autonomous Database to Oracle Databases on a Private Endpoint with a Wallet (mTLS)
You can create database links from an Autonomous Database to a target Oracle database that is on a private endpoint.
Prerequisites for Database Links from Autonomous Database to Oracle Databases on a Private Endpoint
Lists the prerequisites to create database links from an Autonomous Database to a target Oracle database that is on a private endpoint.
To create a database link to a target Oracle database on a private endpoint:
-
The target database must be accessible from the source database's Oracle Cloud Infrastructure VCN. For example, you can connect to the target database when:
-
The target database is on a private endpoint.
-
Both the source database and the target database are in the same Oracle Cloud Infrastructure VCN.
-
The source database and the target database are in different Oracle Cloud Infrastructure VCNs that are paired.
-
The target database is an on-premises database that is connected to the source database's Oracle Cloud Infrastructure VCN using FastConnect or VPN.
-
-
There are two options to specify the target database, use the
hostname
parameter or therac_hostnames
parameter:-
For a target on a private endpoint,
DBMS_CLOUD_ADMIN.CREATE_DATABASE_LINK
supports specifying a single hostname with thehostname
parameter. On a private endpoint, using an IP address, SCAN IP, or a SCAN hostname is not supported (when the target is on a public endpoint,CREATE_DATABASE_LINK
supports using an IP address, a SCAN IP, or a SCAN hostname). -
When the target is an Oracle RAC database, use the
When you specify a list of host names in therac_hostnames
parameter to specify one or more hostnames withDBMS_CLOUD_ADMIN.CREATE_DATABASE_LINK
. This allows you to take advantage of the high availability capabilities of Oracle RAC. Using an IP address, a SCAN IP, or a SCAN hostname in therac_hostnames
value is not supported.rac_hostnames
parameter,CREATE_DATABASE_LINK
uses all of the specified host names as addresses in the connect string. If one of the specified hosts is not available on the target Oracle RAC database, Autonomous Database automatically attempts to connect using another host name from the list.
-
-
The following ingress and egress rules must be defined for the private endpoint:
-
Define an egress rule in the source database's subnet security list or network security group such that the traffic over TCP is allowed to the target database's IP address and port number.
-
Define an ingress rule in the target database's subnet security list or network security group such that the traffic over TCP is allowed from the source database IP address to the destination port.
See Configure Network Access with Private Endpoints for information on configuring private endpoints with ingress and egress rules.
-
When your Autonomous Database instance is configured with a private endpoint, set the
ROUTE_OUTBOUND_CONNECTIONS
database parameter to
'PRIVATE_ENDPOINT
' to specify that all outgoing database links are
subject to the Autonomous Database instance
private endpoint VCN's egress rules. See Enhanced Security for Outbound Connections with Private Endpoints for more information.
Create Database Links to Oracle Databases on a Private Endpoint without a Wallet
Use DBMS_CLOUD_ADMIN.CREATE_DATABASE_LINK
to
create database links from an Autonomous Database to a
target Oracle database that is on a private endpoint and connect without a wallet
(TCP).
This option is for target Oracle databases that are on a private endpoint and do not have SSL/TCPS configured.
Perform the prerequisite steps, as required. See Prerequisites for Database Links from Autonomous Database to a Target Autonomous Database on a Private Endpoint for details.
To create a database link to a target database on a private endpoint using a secure TCP connection without a wallet:
For the credentials you create in Step 1, the Oracle Database credentials, if the password of the target user changes you can update the credential that contains the target user's credentials as follows:
BEGIN
DBMS_CLOUD.UPDATE_CREDENTIAL
(
credential_name => 'DB_LINK_CRED',
attribute => 'PASSWORD',
value => 'password');
END;
/
Where password is the new password.
After this operation, the existing database links that use this credential continue to work without having to drop and recreate the database links.
See CREATE_DATABASE_LINK Procedure for additional information.
Create Database Links from Autonomous Database to Oracle Databases on a Private Endpoint with a Wallet (mTLS)
You can create database links from an Autonomous Database to a target Oracle database that is on a private endpoint.
This option is for target Oracle databases that have SSL/TCPS configured and that are on a private endpoint.
If the target Oracle database does not have SSL/TCPS configured, you have two options:
-
You can configure the target Oracle database to use TCP/IP with SSL (TCPS) authentication. See Configuring Transport Layer Security Authentication for information on configuring SSL/TCPS.
-
You can connect to the target Oracle database with TCP. See Create Database Links to Oracle Databases on a Private Endpoint without a Wallet for details.
Perform the prerequisite steps, as required. See Prerequisites for Database Links from Autonomous Database to a Target Autonomous Database on a Private Endpoint for details.
To create a database link to a target Oracle database on a private endpoint using TCP/IP with SSL (TCPS) authentication:
For the credentials you create in Step 5, the Oracle Database credentials, if the password of the target user changes you can update the credential that contains the target user's credentials as follows:
BEGIN
DBMS_CLOUD.UPDATE_CREDENTIAL
(
credential_name => 'DB_LINK_CRED',
attribute => 'PASSWORD',
value => 'password');
END;
/
Where password is the new password.
After this operation, the existing database links that use this credential continue to work without having to drop and recreate the database links.
See CREATE_DATABASE_LINK Procedure for additional information.
Database Link Notes with a Target Oracle Database
Provides notes for creating database links to a target Oracle database (when the target is not an Autonomous Database)
Notes for database links to other Oracle databases:
-
If you are using database links between Autonomous Database and other Oracle Databases, you might need to apply Patch 33843368 on the Oracle Database that is not an Autonomous Database. This applies to cases where the Autonomous Database instance is either the source or the target of the database link.
See My Oracle Support Knowledge Base: Patch Requirement For Database Links Between ADB-S And Other Oracle Databases(Doc ID 2874244.1) for further details.
-
Only one wallet file is valid per directory for use with database links. You can only upload one
cwallet.sso
at a time to the directory you choose for wallet files (for example DBLINK_WALLET_DIR). This means with acwallet.sso
in DBLINK_WALLET_DIR you can only create database links to the databases for which the wallet in that directory is valid. To use multiplecwallet.sso
files with database links you need to create additional directories and put eachcwallet.sso
in a different directory. When you create database links withDBMS_CLOUD_ADMIN.CREATE_DATABASE_LINK
, specify the directory that contains the wallet with thedirectory_name
parameter.See Create Directory in Autonomous Database for information on creating directories.
-
Supported target Oracle database versions for database links to another Oracle Database are: 19c, 12.2.0, and 12.1.0.
Note
For complete information on supported versions, see Client Server Interoperability Support Matrix for Different Oracle Versions (Doc ID 207303.1) -
Autonomous Database sets the
SEC_CASE_SENSITIVE_LOGON
parameter totrue
and this value cannot be changed. If your target database is not an Autonomous Database, then you must setSEC_CASE_SENSITIVE_LOGON
parameter totrue
on the target database. IfSEC_CASE_SENSITIVE_LOGON
is set tofalse
on the target database, then errorORA-28040: No matching authentication protocol
is raised. -
To list the database links, use the
ALL_DB_LINKS
view. See ALL_DB_LINKS for more information. -
The wallet file, along with the Database user ID and password provide access to data in the target Oracle database. Store wallet files in a secure location. Share wallet files only with authorized users.
-
When the Autonomous Database instance is on a private endpoint, there are two options to specify the target database: use either the
hostname
parameter or therac_hostnames
parameter:-
For a target on a private endpoint,
DBMS_CLOUD_ADMIN.CREATE_DATABASE_LINK
supports specifying a single hostname with thehostname
parameter. On a private endpoint, using an IP address, SCAN IP, or a SCAN hostname is not supported (when the target is on a public endpoint,CREATE_DATABASE_LINK
supports using an IP address, a SCAN IP, or a SCAN hostname). -
When the target is an Oracle RAC database, use the
When you specify a list of host names in therac_hostnames
parameter to specify one or more hostnames withDBMS_CLOUD_ADMIN.CREATE_DATABASE_LINK
. This allows you to take advantage of the high availability capabilities of Oracle RAC. Using an IP address, a SCAN IP, or a SCAN hostname in therac_hostnames
value is not supported.rac_hostnames
parameter,CREATE_DATABASE_LINK
uses all of the specified host names as addresses in the connect string. If one of the specified hosts is not available on the target Oracle RAC database, Autonomous Database automatically attempts to connect using another host name from the list. -
DBMS_CLOUD_ADMIN.CREATE_DATABASE_LINK
does not support a value oflocalhost
for thehostname
or in therac_hostnames
parameter.
-